[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q1 2008-01-18T05:06:18Z 2008-01-18T05:06:18Z tnn tnn 2008-01-18T05:06:18Z urn:sha1:1c8e24b168b5909ecc586bdbb660570b490d92ef on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@ 2007-02-22T19:01:13Z wiz wiz 2007-02-22T19:01:13Z urn:sha1:16ab66728257a19144999d3bf2b2fb954c58bce4 From Sergey Svishchev in private mail. 2007-01-28T01:34:42Z adrianp adrianp 2007-01-28T01:34:42Z urn:sha1:6c7dd545e66bc6ce3562dbc1e4c108791e445352 a) Experimental IKEv2 support (--ikev2) b) RFC 3947 NAT traversal support (--nat-t) c) Source IP spoofing (--sourceip) - Requires raw sockets. d) Nortel proprietary pre-shared key cracking support. e) psk-crack can read dictionary files from stdin (--dictionary=-) f) Backoff patterns may contain only a single packet. g) Two new packet display options: --timestamp and --shownum h) ike-scan now uses the Mersenne twister PRNG, with new --randomseed option. i) --rcookie option allows the responder cookie to be specified in outgoing packets. j) Several new backoff patterns and vendor IDs added. k) ike-scan wiki launched: http://www.nta-monitor.com/wiki/ 2006-04-22T09:22:05Z rillig rillig 2006-04-22T09:22:05Z urn:sha1:1bf12f54d752f34431e029c366efad2fb372519b need them, for example RESTRICTED and SUBST_MESSAGE.*. 2006-01-18T21:37:01Z adrianp adrianp 2006-01-18T21:37:01Z urn:sha1:4c1df7d1b3b96550f84f0e424e1873a973dfd231 Grab maintainership From the ChangeLog (Summarised) > * ike-backoff-patterns: Added backoff patterns for Netgear ProSafe > and Netgear ADSL Firewall Router. Submitted by Paul Askew. > * ike-scan.c, ike-scan.h, configure.ac: Added new --writepkttofile > option. This option writes the output packet to the specified file > rather than sending it to the remote host. It is intended for > debugging and testing purposes, to allow the IKE packet to be > easily checked. This option is not documented, because it is > designed purely for testing. > * check-packet: New test to check IKE scan packet data. Currently > tests two sample packets: one default proposal, and one custom > proposal. > * ike-scan.c: Added --exchange option to allow the exchange field > in the ISAKMP header to be set to arbitrary values. > * ike-scan.c, isakmp.c: Added --hdrflags and --hdrmsgid options to > allow Flags and MsgID fields in the ISAKMP header to be specified. > * ike-scan.c: Added --cookie option to allow the initiator cookie in > the ISAKMP header to be set to a static value. > * ike-scan.c, isakmp.c: Add --spisize option to allow a random SPI > of the specified size to be added to the proposal payload. > * ike-vendor-ids: Added 16 new Vendor IDs, and revised some comments > on existing entries. > * ike-scan.c: Added --doi (-D) and --situation (-S) options to allow > the DOI and Situation in the SA of the outbound packets to be changed > from the default of DOI_IPSEC and SIT_IDENTITY_ONLY. > * ike-scan.c: Added --protocol (-j) and --transid (-k) options to > allow the proposal protocol and transform id of the outbound packets > to be changed from the defaults. > * ike-scan.c: Added --certreq (-C) option to add a > CertificateRequest payload to the outgoing packet. > * ike-scan.c: Added --headerlen (-L) option to allow the ISAKMP header > length to be manually specified. Normally, ike-scan will > automatically calculate the correct length; however, you can use this > option if you want to use an incorrect length value instead. > * ike-scan.c, isakmp.c: Added --mbz (-Z) option to allow the value for > the reserved (MBZ) fields to be set to non-zero values. Doing so > will make the outgoing packet non-RFC compliant. > * ike-scan.c, isakmp.c: Added --headerver (-E) option to allow the > version field in the ISAKMP header to be altered from the default of > 0x10 (v1.0). > * ike-scan.c: Added --bandwidth (-B) option to allow the outgoing > bandwidth to be specified directly instead of using --interval. > The --bandwidth option calculates the appropriate interval setting, > taking into account the size of the packet. > * ike-scan.c: Added --noncelen (-c) option to allow the length of the > nonce data to be changed. This is only applicable to aggressive > mode. 2005-12-08T18:21:16Z joerg joerg 2005-12-08T18:21:16Z urn:sha1:1c67946890627dfad44f1bf4c55ef7b6146b5aec due to missing size_t. 2005-12-05T20:49:47Z rillig rillig 2005-12-05T20:49:47Z urn:sha1:b4f920543059af038598712771c3211999ef42a6 example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some other changes are outlined in http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html 2005-04-11T21:44:48Z tv tv 2005-04-11T21:44:48Z urn:sha1:2560f48b2f5afa9fcb23e0718a2e2727ca7824cc 2005-02-28T16:04:28Z adam adam 2005-02-28T16:04:28Z urn:sha1:0a93bc0ef66b2ba0e0e212717e013df88ffa4143 * Fixed bug which caused hostnames containing hyphens to fail with an error. * Improved mapping of ID numbers to names in decode. This allows sparse IDs ranges (e.g. 1,2,3,65000) to be supported, which means that we can now decode XAUTH authentication method amongst other things. * Added SO_BROADCAST option to UDP socket to allow sending to broadcast addresses. Previously this gave a permission denied error. 2005-02-24T12:51:41Z agc agc 2005-02-24T12:51:41Z urn:sha1:2eb256146fa3337f8d832db9d8f9f3f5f1978821